Binrev Financier
Everything posted by tekio

  1. ntpasswd will boot a minimal version of Linux and edit the SAM file. You may also want to use BartPE to back up the old SAM (someone will notice the password has been changed/blanked). Or you could use Knoppix and copy the SAM and System files (depending on how syskey is configured) to a USB thumb drive. Try the latest version of the ophcrack live CD. Samdump is used to retrieve hashes, but only works with Debug Privileges, which are only given to Admin and maybe Power Users by default.
  2. I'm kind of thinking this is not the answer you're looking for and is something you possibly already know. THC-Scan, PhoneSweep, and iWar for Unix all do a decent job of detecting the remote carrier system type. Also, in every edition of Hacking Exposed there is a table of various default login prompts and the systems they represent.
  3. What I did was use an eSATA drive to install OS X on. When I wanted to boot into FreeBSD it booted, as that was the default boot drive. When booting OS X, just go into the BIOS and change the boot drive to the eSATA drive. Look on Hak.5; they actually have a tutorial on how to use dd to copy your master boot record and install OS X. I am not sure if it is in a dual boot situation though. Hope this helps a little bit.
  4. Any good encryption or hashing algorithm cannot simply be decrypted. Password hashes are usually recovered or "cracked" using an identical algorithm, hashing items from a word-list or computed brute-force items and comparing results against the hash or cipher text which is to be recovered.
  5. Try this: http://milw0rm.com/cracker/. Hope it helps.
  6. Can someone tell me the trick to installing the heatsink for a socket 775 Intel? I just broke the stock heat-sink, and want to know how to do this before trying the new one.
  7. I'm kind of not sure what you mean when you say "socket 775 heatsink"; there are many heatsinks that are for socket 775 processors. Thanks for the correction and the help. I meant a heatsink for a socket 775 processor.
  8. If you are learning C, PHP would be an easier transition. PHP can be more procedural (I know v.5 has added some great OOP features) and ASP is more OOP. If you choose ASP, go with .Net; it is fairly powerful in what it can do. Personally, I like PHP. The server I use for learning LAMP development and configuration is a Pentium 120 with 500MB of RAM, running Debian Etch. A dedicated box for learning ASP and IIS configuration would cost much more. If you decide to go with ASP, a good introduction to basic VB .Net syntax would be a great idea.
  9. Try using "Norton exclude scan". If it is an option, try a new AV; BitDefender and NOD32 are decent.
  10. One of the fasteners that is twisted after insertion into the motherboard socket broke while tightening (it really did not seem as though I was applying much pressure). Hopefully, this one will not do the same: http://www.tigerdirect.com/applications/Se...p;sku=M333-3003 It has metal pins :) The biggest problem I was having is that after the first install my system was really heating up under high CPU loads. After checking the heatsink, it was not properly fastened. I totally followed the directions and things looked good after the heatsink install. When googling, several articles complained of the same issue with the socket 775 heatsink. None of them, however, stated a solution to this problem. I guess the question I should ask is, how does one know when this socket is properly secured? Perhaps the 775 design cools better, but it seems as though a Core 2 Duo is efficient enough to use an older design. I liked those much better; either they were secured or they were not (just my opinion). Also, about a year ago I purchased a small tube of Arctic Silver 5 to test the claims. Now I swear by it.
  11. Actually, it had no manual since the processor and heatsink were used items. I did however google and get some basic instructions off MSI's website. So I guess I did read a FM. Also, obviously I failed at this attempt. Therefore, I seek advice from those more experienced than myself before I waste another $40.00 ruining a new heatsink. Otherwise that was a good suggestion.
  12. As mentioned previously, if you have physical access to the machine try ntpasswd, or use a USB stick and Knoppix. Boot up in Knoppix and copy c:\windows\system32\config\SAM and c:\windows\system32\config\SYSTEM to your USB drive and run them through LCP, not L0phtCrack but LCP. Just google "LCP crack SAM" and it should come up; it's a free download. Also, you could set up a rogue SMB server using SMB relay. This will capture the LM hashes when any machine initiates a NetBIOS connection to it. Just SE him or ask to use his machine for a second and connect to your rogue SMB server. Once you've got the LM hashes from SMBRelay you will need to subtly change the format for John (much faster than L0phtCrack). Finally, download the Windows version of John the Ripper; all Windows versions should support LM hashes. If you only get the NTLM hashes you need a special version of John that supports these, and things may take a while. Also worth mentioning is a little app called nbtdeputy; this will put a rogue SMB client in the workgroup. Run smbrelay on this pseudo client and it will capture a machine's hashes whenever the user opens "My Network Neighborhood" (so long as this has not been patched yet). If you get the LM hashes through smbrelay it should only take about a week to get through the entire key-space with most any modern processor.
  13. The system I use for gaming is a Dell XPS410. I would really like to upgrade the video card on this to an 8800 GTX. The problem, however, is the stock PSU only outputs 375 watts with +12V at 18.0A, which will not power this card. Because Dell has used the BTX form factor with a proprietary design it is virtually impossible to replace the primary PSU. Would it be possible to add a secondary PSU to solely power the video card through its PCIe power connector? Thank you.
  14. Problem solved (well kinda). For now I am going to use a Radeon 1950XT as this is the fastest that will fit in this thing out of the box. No worries about no DX10 support as of yet and the system still runs XP. Pocketed money is going for a new system this spring. Thanks all for the feedback.
  15. KuiperBeltObject, thanks for the response. The only reason I got a Dell was pure laziness. I did not want to take the time to build a system from scratch. At your shop when replacing these BTX power supplies what 3rd party brands / models do you use?
  16. If you can get your hands on a DWL-122 it will do promiscuous mode / monitor mode, and the Prism 2.5 chipset will do injection also. Cons: low range, very overpriced on eBay because all the TiVo owners want one, and these cards break very easily; I've been through about five of them. Good luck.
  17. One of the most common ways to get into networks these days is through poorly designed web applications (PHP, ASP, etc.). I do not condone defacement though. LANs are a good place to put your Hacking Exposed / Hacking Windows 2003 skills to work. As posted previously, WEP is always a good target; basically you just need to be able to find the weakest link in the chain and pick at it. Some good books: Hacking Exposed 5th Edition; Hacking Windows 2003 Exposed; Web Hackers Boot Camp; Web Hacking; How to Break Web Software; Wireless Hacking Exposed; The Database Hacker's Handbook (haven't read this one yet). If you take the time to read these books I trust you will do wisely and not end up with a good friend named Bubba.
  18. I PM'd you the link to where I uploaded it; just hope it was the correct version (I've got about 5 versions of KisMAC in my dl folder). For injection I use the DWL-122 and have not had any problems with Spotlight. When working with KisMAC, the DWL-122 does not use native D-Link drivers; it uses MacJack drivers. By all means DO NOT install D-Link drivers. From my experience they do nothing but cause kernel panics. According to D-Link this is an OS X issue; guess Apple failed to develop their kernel around D-Link's drivers ... lol. However, KisMAC injection is kinda weak. Aircrack and BSD Airtools are much better suited for cracking WEP.
  19. Mac OS X, WinXP, WinVista, FreeBSD, Debian
  20. That really sucks that the KisMAC team has shut down. If you need it, I managed to get the latest beta build that will allow monitor mode with my MacBook Pro sporting the newer AirPort Extreme; no injection unless a USB card is used though.
  21. vi can handle up to 4GB I think. UltraEdit should do the job as well.
  22. Dude, read the post I just made under "How you got started". It might just change your mindset about this post.
  23. Back in about 1997 I worked as a night supervisor for a telemarketing company. In the QC Department that I supervised nightly reports were done in excel on a Win3.11 machine. Thinking it was a drag to be at work doing reports on Sunday I purchased my first computer, a compaq presario just to go home and do the dastardly reports while watching football. After that I really got into computers and spent months researching how the internet worked, it really blew my mind. Started learning HTML, system building, and even tried a little programming. I finally hung up the telemarketing gig to get a job at aol (lot less pay but a way to get into the business) At AOL I was able to get full internet access and would spend my time reading various technology/hacking materials while on tech-support calls. A few months after I landed a gig with a local ISP and they encouraged me to learn PHP. That did not last long though because I got canned for "hacking" an NT box... guess I did too much reading when working for AOL....
  24. Just keep track of the correct host key. If that changes when it should not you could fall victim to a MITM attack.
  25. ssh: http://en.wikipedia.org/wiki/Ssh For Windows use PuTTY or OpenSSH for Windows.
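The host-key advice in posts 24 and 25 (keep the known-good key and treat an unexpected change as a possible MITM) as a small added example, not code from the original posts. It builds a constructed ed25519 host-key blob in SSH wire format, pins it in a known_hosts-style line for the assumed host shell.example.org, and reports whether a presented key matches, changed, or is unknown (first contact); the fingerprint helper follows the OpenSSH SHA256 display format.

```python
import base64
import hashlib
import struct


def _ssh_string(b: bytes) -> bytes:
    """SSH wire-format string: 4-byte big-endian length followed by the bytes."""
    return struct.pack(">I", len(b)) + b


def build_ed25519_blob(raw32: bytes) -> bytes:
    """Public-key blob as stored in known_hosts: string 'ssh-ed25519', string <32 raw bytes>."""
    assert len(raw32) == 32, "ed25519 public keys are 32 bytes"
    return _ssh_string(b"ssh-ed25519") + _ssh_string(raw32)


def fingerprint(blob: bytes) -> str:
    """OpenSSH-style fingerprint: 'SHA256:' + unpadded base64 of sha256(blob)."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def parse_known_hosts_line(line: str) -> tuple:
    """Parse 'host keytype base64blob [comment]' into (host, keytype, blob)."""
    host, keytype, b64 = line.split()[:3]
    return host, keytype, base64.b64decode(b64)


def check_host_key(known_hosts: list, host: str, keytype: str, presented: bytes) -> str:
    """Return 'ok' (matches pinned key), 'changed' (possible MITM) or 'unknown' (no pin yet)."""
    for line in known_hosts:
        h, t, blob = parse_known_hosts_line(line)
        if h == host and t == keytype:
            return "ok" if blob == presented else "changed"
    return "unknown"


# Constructed pinned key (not a real server key): 32 deterministic bytes.
PINNED_KEY = bytes(range(32))
KNOWN_HOSTS = [
    "shell.example.org ssh-ed25519 "
    + base64.b64encode(build_ed25519_blob(PINNED_KEY)).decode()
    + " pinned-by-hand",
]

if __name__ == "__main__":
    good = build_ed25519_blob(PINNED_KEY)
    rogue = build_ed25519_blob(bytes(32))  # constructed: a different key presented
    print(fingerprint(good), check_host_key(KNOWN_HOSTS, "shell.example.org", "ssh-ed25519", good))
    print(fingerprint(rogue), check_host_key(KNOWN_HOSTS, "shell.example.org", "ssh-ed25519", rogue))
```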